package com.xa.xamall.controller;

import com.alibaba.fastjson.JSONObject;
import com.xa.xamall.dao.model.MmallUser;
import com.xa.xamall.framework.cache.TokenCache;
import com.xa.xamall.framework.common.Md5Utils;
import com.xa.xamall.framework.vo.R;
import com.xa.xamall.service.UserService;
import org.apache.commons.lang3.StringUtils;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Controller;
import org.springframework.web.bind.annotation.*;
import org.springframework.web.servlet.ModelAndView;
import tk.mybatis.mapper.entity.Example;

import java.util.Date;
import java.util.List;
import java.util.UUID;

@Controller
@RequestMapping("/user")
public class UserController {
    @Autowired
    private UserService userService;

    @PostMapping("/test")
    public R get() {
        List<MmallUser> userList = userService.selectAll();
        return R.ok(userList);
    }
    @GetMapping("/checkAnswer")
    public ModelAndView checkAnswer(){
        ModelAndView mav=new ModelAndView();
        return mav;
    }
    @GetMapping("/forgetRestPassword")
    public ModelAndView RestPassword(){
        ModelAndView mav=new ModelAndView();
        return mav;
    }

    @GetMapping("/api/getQuestionByUser")
    @ResponseBody
    public R getQuestionByUser(String username){
        try {
            if (StringUtils.isBlank(username)) {
                return R.error("用户名不能为空！");
            }
            MmallUser mmallUser = userService.selectOne(new MmallUser() {{
                setUsername(username);
            }});
            if (mmallUser == null) {
                return R.error("不存在该用户！");
            }
            return R.ok("ok",mmallUser.getQuestion());
        }catch (Exception ex){
            return R.error("获取密码回答问题失败!");
        }
    }

    @PostMapping("/api/checkAnswer")
    @ResponseBody
    public R checkAnswer(@RequestBody JSONObject jsonObject) {
        try {
            String username= jsonObject.getString("username");
            String question= jsonObject.getString("question");
            String answer= jsonObject.getString("answer");
            if (StringUtils.isBlank(username)) {
                return R.error("用户名不能为空！");
            }
            if (StringUtils.isBlank(question)) {
                return R.error("密码回答问题不能为空！");
            }
            if (StringUtils.isBlank(answer)) {
                return R.error("答案不能为空！");
            }
            Example example = new Example(MmallUser.class);
            Example.Criteria criteria = example.createCriteria();
            criteria.andEqualTo("username", username);
            criteria.andEqualTo("question", question);
            criteria.andEqualTo("answer", answer);
            if (!userService.existByExample(example)) {
                return R.error("问题回答错误！");
            }
            //说明问题及问题答案是这个用户的,并且是正确的
            String forgetToken = UUID.randomUUID().toString();
            TokenCache.setKey(TokenCache.TOKEN_PREFIX + username, forgetToken);
            return R.ok(forgetToken);
        } catch (Exception ex) {
            return R.error("回答问题失败!");
        }
    }

    @PostMapping("/api/forgetRestPassword")
    @ResponseBody
    public R forgetRestPassword(@RequestBody JSONObject jsonObject) {
        try {
            String username= jsonObject.getString("username");
            String passwordNew= jsonObject.getString("passwordNew");
            String forgetToken= jsonObject.getString("forgetToken");
            if (StringUtils.isBlank(username)) {
                return R.error("用户名不能为空！");
            }
            if (StringUtils.isBlank(passwordNew)) {
                return R.error("新密码不能为空！");
            }
            if (StringUtils.isBlank(forgetToken)) {
                return R.error("缺少相关参数！");
            }
            String token = TokenCache.getKey(TokenCache.TOKEN_PREFIX + username);
            if (org.apache.commons.lang3.StringUtils.isBlank(token)) {
                return R.error("token无效或者过期！");
            }
            if (!token.equals(forgetToken)) {
                return R.error("token错误,请重新回答问题");
            }
            String md5Password = Md5Utils.hash(passwordNew);
            Example example = new Example(MmallUser.class);
            Example.Criteria criteria = example.createCriteria();
            criteria.andEqualTo("username", username);
            userService.updateByExampleSelective(new MmallUser() {{
                setPassword(md5Password);
                setUpdateTime(new Date());
            }}, example);
            TokenCache.setKey(TokenCache.TOKEN_PREFIX + username,"");
            return R.ok();
        } catch (Exception ex) {
            return R.error("修改密码失败!");
        }

    }

}
